BCM50 Rls 6.0
Router - Network Address Translation (NAT)
Task Based Guide
Network Address Translation (NAT)
Copyright © 2010 Avaya Inc. All Rights Reserved.
Notices
While reasonable efforts have been made to ensure that the information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves the right to make changes and corrections to the information in this document without the obligation to notify any person or organization of such changes.
Documentation disclaimer
Avaya shall not be responsible for any modifications, additions, or deletions to the original published version of this documentation unless such modifications, additions, or deletions were performed by Avaya. End User agree to indemnify and hold harmless Avaya, Avaya’s agents, servants and employees against all claims, lawsuits, demands and judgments arising out of, or in connection with, subsequent modifications, additions or deletions to this documentation, to the extent made by End User.
Link disclaimer
Avaya is not responsible for the contents or reliability of any linked Web sites referenced within this site or documentation(s) provided by Avaya. Avaya is not responsible for the accuracy of any information, statement or content provided on these sites and does not necessarily endorse the products, services, or information described or offered within them. Avaya does not guarantee that these links will work all the time and has no control over the availability of the linked pages.
Warranty
Avaya provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty. In addition, Avaya’s standard warranty language, as well as information regarding support for this product, while under warranty, is available to Avaya customers and other parties through the Avaya Support Web site: http://www.avaya.com/support
Please note that if you acquired the product from an authorized reseller, the warranty is provided to you by said reseller and not by Avaya.
Licenses
THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA WEBSITE, HTTP://SUPPORT.AVAYA.COM/LICENSEINFO/ ARE APPLICABLE TO ANYONE WHO DOWNLOADS, USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AUTHORIZED AVAYA RESELLER (AS APPLICABLE) UNDER A COMMERCIAL AGREEMENT WITH AVAYA OR AN AUTHORIZED AVAYA RESELLER. UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA AFFILIATE OR AN AVAYA AUTHORIZED RESELLER, AND AVAYA RESERVES THE RIGHT TO TAKE LEGAL ACTION AGAINST YOU AND ANYONE ELSE USING OR SELLING THE SOFTWARE WITHOUT A LICENSE. BY INSTALLING, DOWNLOADING OR USING THE SOFTWARE, OR AUTHORIZING OTHERS TO DO SO, YOU, ON BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU ARE INSTALLING, DOWNLOADING OR USING THE SOFTWARE (HEREINAFTER REFERRED TO INTERCHANGEABLY AS "YOU" AND "END USER"), AGREE TO THESE TERMS AND CONDITIONS AND CREATE A BINDING CONTRACT BETWEEN YOU AND AVAYA INC. OR THE APPLICABLE AVAYA AFFILIATE ("AVAYA").
Copyright
Except where expressly stated otherwise, no use should be made of the Documentation(s) and Product(s) provided by Avaya. All content in this documentation(s) and the product(s) provided by Avaya including the selection, arrangement and design of the content is owned either by Avaya or its licensors and is protected by copyright and other intellectual property laws including the sui generis rights relating to the protection of databases. You may not modify, copy, reproduce, republish, upload, post, transmit or distribute in any way any content, in whole or in part, including any code and software. Unauthorized reproduction, transmission, dissemination, storage, and or use without the express written consent of Avaya can be a criminal, as well as a civil offense under the applicable law.
Third Party Components
Certain software programs or portions thereof included in the Product may contain software distributed under third party agreements ("Third Party Components"), which may contain terms that expand or limit rights to use certain portions of the Product ("Third Party Terms"). Information regarding distributed Linux OS source code (for those Products that have distributed the Linux OS source code), and identifying the copyright holders of the Third Party Components and the Third Party Terms that apply to them is available on the Avaya Support Web site: http://support.avaya.com/Copyright.
Trademarks
The trademarks, logos and service marks ("Marks") displayed in this site, the documentation(s) and product(s) provided by Avaya are the registered or unregistered Marks of Avaya, its affiliates, or other third parties. Users are not permitted to use such Marks without prior written consent from Avaya or such third party which may own the Mark. Nothing contained in this site, the documentation(s) and product(s) should be construed as granting, by implication, estoppel, or otherwise, any license or right in and to the Marks without the express written permission of Avaya or the applicable third party. Avaya is a registered trademark of Avaya Inc. All non-Avaya trademarks are the property of their respective owners.
2 |
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
Network Address Translation (NAT)
Downloading documents
For the most current versions of documentation, see the Avaya Support. Web site: http://www.avaya.com/support
Contact Avaya Support
Avaya provides a telephone number for you to use to report problems or to ask questions about your product. The support telephone number is 1-800-242-2121 in the United States. For additional support telephone numbers, see the Avaya Web site: http://www.avaya.com/support
Copyright © 2010 ITEL, All Rights Reserved
The copyright in the material belongs to ITEL and no part of the material may be reproduced in any form without the prior written permission of a duly authorised representative of ITEL.
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
3 |
Network Address Translation (NAT) |
|
Table of Contents |
|
Network Address Translation (NAT) |
................................ 5 |
Overview .................................................................................................. |
5 |
BCM50 and NAT ...................................................................................... |
5 |
BCM50 NAT Modes ........................................................................................... |
6 |
Required Information ................................................................................ |
7 |
Flow Chart ................................................................................................ |
8 |
Accessing the Web Router GUI ................................................................ |
9 |
From Element Manager ..................................................................................... |
9 |
Access Directly via a Web Browser ................................................................. |
14 |
NAT Configuration .................................................................................. |
16 |
SUA Server ...................................................................................................... |
16 |
Address Mapping ............................................................................................. |
17 |
Trigger Port ...................................................................................................... |
20 |
Avaya Documentation Links .......................................... |
22 |
4 |
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
Network Address Translation (NAT)
Network Address Translation (NAT)
Overview
Many people view the Internet as a "one-way street"; they forget that while their computer is connected to the Internet, the Internet is also connected to their computer. That means that anybody with Net access can potentially access resources on their computers (such as files, email, company network etc). Most personal computer operating systems are not designed with security in mind, leaving them wide open to attacks from the Internet.
Network address translation (NAT) is a scheme that allows two connected networks (for example your Private LAN connected to the Internet) to use different and incompatible IP addressing schemes. Address translation allows hosts on a private internal network to transparently communicate with destinations on an external network or vice versa. In this way, NAT is being used as a security mechanism to hide the internal IP addresses.
This also means that NAT allows the connecting of multiple computers to the Internet (or any other IP network) using one IP address, providing small businesses the means to connect their network to the Internet cheaply and efficiently.
Note: This guide relates to the BCM50a/ba and BCM50e/be models only.
Note: Although the BCM50a/ba models will not be supplied with BCM 6.0, it is possible to upgrade the variants of these models to BCM 6.0, if they were originally supplied with BCM50 R2 or BCM50 R3 software.
Note: The BCM50 Integrated Router is almost identical to the Business Secure Router (BSR) models. BCM50a/ba routers are based on the BSR252 and BCM50e/be routers are based on the BSR222.
BCM50 and NAT
The BCM50 Integrated Router enables a LAN network consisting of multiple computers to access the Internet, even though there may only be a single or a few WAN IP Addresses available. The process is roughly described as follows:
A PC on the network makes a request for information from the Internet
The BCM50 Integrated Router keeps a track of IP and port information for the outgoing packets, and replaces the source information with its own WAN information
Returning packets are checked and the original IP and port information is applied, to ensure that the packets return to the originator
BCM50 Integrated Router NAT is able to perform with either a single ISPallocated WAN IP address, or multiple ISP-allocated WAN IP addresses. If a
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
5 |
Network Address Translation (NAT)
single WAN IP Address is used, then the Single User Account (SUA) feature can be used. If multiple IP Addresses are used then the Full Feature NAT service can be used.
BCM50 NAT Modes
There are a total of five NAT modes on the BCM50 Integrated Router. Which modes you can use depends on the number of WAN IP Addresses have been issued by the ISP.
Single WAN IP Address
The following BCM50 Integrated Router NAT modes are supported for use with a single ISP-assigned WAN IP Address:
Many-to-one: Many LAN Addresses are mapped to a single WAN IP Address.
SUA Server: Forwards external requests for certain services – essentially ports – to specific LAN IP Addresses. An example of this would be an FTP Server (FTP uses port 21). External FTP requests can be forwarded to the FTP Server IP Address.
Note: For the SUA Server rules to function, Firewall rules need to be set up to allow e.g. FTP traffic through to the specified Server IP Address.
Multiple WAN IP Addresses
The following BCM50 Integrated Router NAT modes are supported for use with multiple ISP-assigned WAN IP Addresses:
One-to-one: Maps a single unique LAN IP Address to a single unique WAN IP Address. Only that LAN IP Address can access the Internet
Many to Many Overload: LAN IP Addresses are mapped to multiple WAN IP Addresses on a shared basis.
Many one-to-one: Maps each unique LAN IP Address to each unique WAN IP Address. You should ensure that there are as many WAN IP Addresses available as there are LAN IP Addresses that require external access.
Note: If the ISP assigns multiple WAN IP Addresses to the BCM50e/be/a/ba but you do not want to use more than one, the Many-to-one modes and SUA Server modes can still be employed.
6 |
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
Network Address Translation (NAT)
Required Information
Before configuring NAT, the following information is required:
How many WAN IP Addresses will the BCM50 Integrated Router be using?
If using multiple WAN IP Addresses, will a mapping mode be used?
Are there any Servers on the network that need to be accessed from the external network?
NN40011-046 Issue 1.2 BCM50 Rls 6.0 |
7 |
Loading...